$ rpki-client -vvf repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft File: BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft (raw, json) Hash identifier: LJpW3+U06tVeFc5QmaXP0iKmOUnDLCmESp1MU5wpV3s= Subject key identifier: 64:4E:8E:3C:09:C7:C6:EB:E5:B3:A6:A2:5E:AE:6D:DE:C6:49:F6:8D Authority key identifier: BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1 Certificate issuer: /CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1 Certificate serial: 42CF43749C0350931BB0B5E5FBB91A8C8B60B9F1 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft Manifest number: 0253 Signing time: Sun 07 Sep 2025 08:51:24 +0000 Manifest this update: Sun 07 Sep 2025 08:46:24 +0000 Manifest next update: Wed 10 Sep 2025 15:47:24 +0000 Files and hashes: 1: 3130332e3130352e3139322e302f32342d3234203d3e20313336383738.roa (hash: A4bow00kXpDEKr/WErM916lCjp+QBUm74+vgJ+iFoLw=) 2: 3130332e3130352e3139352e302f32342d3234203d3e20313336383738.roa (hash: OJOE/7q58wvHc3CR/aklsOVCRBylBzz1DBZTUwMunAw=) 3: 3130332e3130352e3139342e302f32342d3234203d3e20313336383738.roa (hash: sGPkr82UUN2m0p5Z6EeIkVlWIj/RwlmetOwmRgGSsB8=) 4: 3130332e3130352e3139332e302f32342d3234203d3e20313337333136.roa (hash: CbT0hYzhheMonOPehO3no/mVI5bpvSbduL61mPpJvUQ=) 5: BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl (hash: TVzulhs19B9z3ghe0ilTOfkDgnU+ueBzAkD7aZ69RG0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 15:47:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:cf:43:74:9c:03:50:93:1b:b0:b5:e5:fb:b9:1a:8c:8b:60:b9:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1 Validity Not Before: Sep 7 08:46:24 2025 GMT Not After : Sep 10 15:47:24 2025 GMT Subject: CN=644E8E3C09C7C6EBE5B3A6A25EAE6DDEC649F68D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9c:1c:df:b6:cd:1e:46:c4:de:a1:b3:d8:39: 75:8e:42:24:3e:6e:09:82:e9:5e:18:d4:d8:78:77: f3:a9:39:d7:25:8e:a7:3e:c0:23:14:b7:fa:e1:6c: 05:19:42:41:bb:d6:b1:1f:4f:dc:31:8d:91:fe:9c: 99:51:0b:7e:4f:95:fa:67:cd:a1:c8:68:6e:95:d0: 14:c4:00:e4:6f:fa:e1:65:ed:b5:75:6f:71:e7:a6: 5f:04:c4:26:ca:e9:6f:07:0b:46:5b:6d:68:33:4f: 3b:db:27:8f:03:8a:1b:b6:d2:af:22:f3:54:27:e1: 9d:8c:b8:37:3b:14:56:67:cf:7c:7b:d7:c9:70:06: ea:42:6f:76:9c:71:c2:17:22:53:6f:50:76:3f:19: a0:4f:89:c6:27:e1:38:47:b8:f4:06:a4:06:17:c4: f9:d3:92:29:93:23:f7:8d:e1:3b:8b:af:f0:ef:57: 22:95:c4:18:6b:54:6c:0d:e5:02:43:d0:f9:8a:be: 86:67:62:db:5b:39:a1:9e:8a:f9:6e:76:d7:4e:02: 3d:02:bd:c6:6d:50:b0:ad:59:78:41:f0:b5:65:22: e1:43:59:06:70:09:d1:a5:fb:46:27:31:a6:30:d5: b0:8a:aa:6b:60:33:c1:63:4c:ae:62:f1:be:f0:47: 4e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:4E:8E:3C:09:C7:C6:EB:E5:B3:A6:A2:5E:AE:6D:DE:C6:49:F6:8D X509v3 Authority Key Identifier: keyid:BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:84:47:59:31:f7:81:7a:2e:77:81:b7:26:47:78:41:06:73: 37:18:b5:e5:3c:c1:61:9f:89:84:3d:0c:38:56:08:87:ce:da: 3c:c1:2b:05:bb:64:ef:3e:5d:83:4c:ef:69:a2:ab:df:a9:4c: 9c:b8:5f:c1:3e:15:96:01:1e:05:04:82:51:11:16:fd:5c:a3: 18:1e:36:33:b3:41:9a:e8:7d:e8:9e:ec:07:1a:e9:7f:46:93: 99:c2:e6:ce:d0:bf:b5:54:f4:6c:2b:5f:fc:23:b4:e2:05:86: 40:f8:c4:b5:6b:c6:dd:91:26:a8:12:21:99:47:97:f9:d4:5a: ad:53:55:6b:b4:b9:53:3b:de:de:13:2e:1e:88:5c:85:bb:30: 9d:c8:52:2c:18:31:bd:fa:4d:39:40:a0:37:ac:69:25:32:86: 07:2c:f6:42:a3:7c:71:1c:82:ac:c8:5f:63:25:4e:ec:45:b0: ba:92:fc:49:07:7f:22:cf:7f:52:d6:1e:59:43:d6:59:c7:d3: df:9a:ff:52:05:6e:4c:8f:89:cf:45:c2:27:58:69:8e:21:2e: ad:59:6b:0e:d2:47:a3:b9:c1:31:7b:c5:78:87:47:35:6b:27: 77:f8:7b:89:82:08:99:53:85:d6:8d:ac:fc:50:3b:15:f0:45: e7:c5:f2:24 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQs9DdJwDUJMbsLXl+7kajItgufEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBFMDE0 NzQyNDRCMTAeFw0yNTA5MDcwODQ2MjRaFw0yNTA5MTAxNTQ3MjRaMDMxMTAvBgNV BAMTKDY0NEU4RTNDMDlDN0M2RUJFNUIzQTZBMjVFQUU2RERFQzY0OUY2OEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEnBzfts0eRsTeobPYOXWOQiQ+ bgmC6V4Y1Nh4d/OpOdcljqc+wCMUt/rhbAUZQkG71rEfT9wxjZH+nJlRC35Plfpn zaHIaG6V0BTEAORv+uFl7bV1b3Hnpl8ExCbK6W8HC0ZbbWgzTzvbJ48Dihu20q8i 81Qn4Z2MuDc7FFZnz3x718lwBupCb3acccIXIlNvUHY/GaBPicYn4ThHuPQGpAYX xPnTkimTI/eN4TuLr/DvVyKVxBhrVGwN5QJD0PmKvoZnYttbOaGeivludtdOAj0C vcZtULCtWXhB8LVlIuFDWQZwCdGl+0YnMaYw1bCKqmtgM8FjTK5i8b7wR049AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZE6OPAnHxuvls6aiXq5t3sZJ9o0wHwYDVR0j BBgwFoAUvV1Gtb/nLyqhGIqQlrEOAUdCRLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k OTI0ZmE5YS1lNWYzLTQyNjUtOWUxZC04NGU0NTM1OTYxZDAvMC9CRDVENDZCNUJG RTcyRjJBQTExODhBOTA5NkIxMEUwMTQ3NDI0NEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBFMDE0NzQy NDRCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDkyNGZhOWEtZTVmMy00MjY1LTll MWQtODRlNDUzNTk2MWQwLzAvQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBF MDE0NzQyNDRCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAICER1kx94F6LneBtyZHeEEGczcYteU8wWGf iYQ9DDhWCIfO2jzBKwW7ZO8+XYNM72miq9+pTJy4X8E+FZYBHgUEglERFv1coxge NjOzQZrofeie7Aca6X9Gk5nC5s7Qv7VU9GwrX/wjtOIFhkD4xLVrxt2RJqgSIZlH l/nUWq1TVWu0uVM73t4TLh6IXIW7MJ3IUiwYMb36TTlAoDesaSUyhgcs9kKjfHEc gqzIX2MlTuxFsLqS/EkHfyLPf1LWHllD1lnH09+a/1IFbkyPic9FwidYaY4hLq1Z aw7SR6O5wTF7xXiHRzVrJ3f4e4mCCJlThdaNrPxQOxXwRefF8iQ= -----END CERTIFICATE-----Generated at Tue Sep 9 13:17:25 2025 by rpki-client